Upgrade to Pro — share decks privately, control downloads, hide ads and more …

katagaitai CTF勉強会 #3 pwnables編 - 31C3 CTF pwn30...

bata_24
January 08, 2017
Technology
2
2.2k

katagaitai CTF勉強会 #3 pwnables編 - 31C3 CTF pwn30 nokia1337, pwn50 nokia31337 / katagaitai CTF #3

katagaitai CTF勉強会 #3 関東|hard で発表した資料です.
閲覧自由ですが,社会人の方はなるべくWikipediaなどお好きなサービスやOSSに¥1000の寄付をしてあげて下さい(←流行らせたい).
リモートのqemu上で動くARMのLinuxにおいてシェルを奪い(stage1),さらにrootを取る問題(stage3,解法2種)です.stage2はpwnではなくrevなので資料では省略しています.

bata_24

January 08, 2017
Tweet

More Decks by bata_24

See All by bata_24
katagaitai CTF勉強会 #11 Pwnable編 - PlaidCTF 2016 Pwnable666 js_sandbox / katagaitai CTF #11
bata_24
11
2.6k
katagaitai CTF勉強会 #9 Reversing編 - Hack.lu CTF 2012 Reversing 500 DonnBeach / katagaitai CTF #9
bata_24
8
4k
katagaitai CTF勉強会 #8 Pwnables編 - Hack.lu CTF 2013 Exploiting 500 Breznparadisebugmaschine / katagaitai CTF #8
bata_24
5
2.6k
katagaitai CTF勉強会 #1 pwnables編 - DEFCON CTF 2014 pwn1 heap / katagaitai CTF #1
bata_24
5
5.3k
katagaitai CTF勉強会 #2 pwnables編 - PlaidCTF 2013 pwn200 ropasaurusrex / katagaitai CTF #2
bata_24
4
5k
YOKARO-MON勉強会 - CodeGate 2015 Pwnable1000 weff / katagaitai CTF #2.5
bata_24
1
570
UAF勉強会 - CodeGate 2014 rev+pwn450 weird_snus / katagaitai CTF #2.75
bata_24
1
3.2k
katagaitai CTF勉強会 #4 pwnables編 - CodeGate 2015 Pwnable400 beef_steak / katagaitai CTF #4
bata_24
1
1.9k
katagaitai CTF勉強会 #5 pwnables編 - PlaidCTF 2015 Pwnable620 tp / katagaitai CTF #5
bata_24
1
660

Other Decks in Technology

See All in Technology
AWS CDKでデータリストアの運用、どのように設計する?~Aurora・EFSの実践事例を紹介~/aws-cdk-data-restore-aurora-efs
mhrtech
4
660
カメラを用いた店内計測におけるオプトインの仕組みの実現 / ai-optin-camera
cyberagentdevelopers
PRO
1
120
プロダクト成長に対応するプラットフォーム戦略:Authleteによる共通認証基盤の移行事例 / Building an authentication platform using Authlete and AWS
kakehashi
1
150
新R25、乃木坂46 Mobileなどのファンビジネスを支えるマルチテナンシーなプラットフォームの全体像 / cam-multi-cloud
cyberagentdevelopers
PRO
1
130
AIを駆使したゲーム開発戦略: 新設AI組織の取り組み / sge-ai-strategy
cyberagentdevelopers
PRO
1
130
初心者に Vue.js を 教えるには
tsukuha
5
390
生成AIと知識グラフの相互利用に基づく文書解析
koujikozaki
1
140
話題のGraphRAG、その可能性と課題を理解する
hide212131
4
1.5k
AWS CodePipelineでコンテナアプリをデプロイした際に、古いイメージを自動で削除する
smt7174
1
110
「視座」の上げ方が成人発達理論にわかりやすくまとまってた / think_ perspective_hidden_dimensions
shuzon
2
5.4k
omakaseしないための.rubocop.yml のつくりかた / How to Build Your .rubocop.yml to Avoid Omakase #kaigionrails
linkers_tech
3
740
CyberAgent 生成AI Deep Dive with Amazon Web Services / genai-aws
cyberagentdevelopers
PRO
1
480

Featured

See All Featured
How to Ace a Technical Interview
jacobian
275
23k
Testing 201, or: Great Expectations
jmmastey
38
7k
Scaling GitHub
holman
458
140k
"I'm Feeling Lucky" - Building Great Search Experiences for Today's Users (#IAC19)
danielanewman
226
22k
The Invisible Side of Design
smashingmag
297
50k
Building Flexible Design Systems
yeseniaperezcruz
327
38k
Agile that works and the tools we love
rasmusluckow
327
21k
Fantastic passwords and where to find them - at NoRuKo
philnash
50
2.8k
Become a Pro
speakerdeck
PRO
24
5k
Reflections from 52 weeks, 52 projects
jeffersonlam
346
20k
What’s in a name? Adding method to the madness
productmarketing
PRO
22
3.1k
Being A Developer After 40
akosma
86
590k

Transcript

  1. None
  2. None
  3. None
  4. None
  5. None
  6. None
  7. None
  8. None
  9. None
  10. None
  11. None
  12. None
  13. None
  14. None
  15. None
  16. None
  17. None
  18. None
  19. None
  20. None
  21. None
  22. None
  23. None
  24. None
  25. None
  26. None
  27. None
  28. None
  29. None
  30. None
  31. None
  32. None
  33. None
  34. None
  35. None
  36. None
  37. None
  38. None
  39. None
  40. None
  41. None
  42. None
  43. None
  44. None
  45. None
  46. None
  47. None
  48. None
  49. None
  50. None
  51. None
  52. None
  53. None
  54. None
  55. None
  56. None
  57. None
  58. None
  59. None
  60. None
  61. None
  62. None
  63. None
  64. None
  65. None
  66. None
  67. None
  68. None
  69. None
  70. None
  71. None
  72. None
  73. None
  74. None
  75. None
  76. None
  77. None
  78. None
  79. None
  80. None
  81. None
  82. None
  83. None
  84. None
  85. None
  86. None
  87. None
  88. None
  89. None
  90. None
  91. None
  92. None
  93. None
  94. None
  95. None
  96. None
  97. None
  98. None
  99. None
  100. None
  101. None
  102. None
  103. None
  104. None
  105. None
  106. None
  107. None
  108. None
  109. None
  110. None
  111. None
  112. None
  113. None
  114. None
  115. None
  116. None
  117. None
  118. None
  119. None
  120. None
  121. None
  122. None
  123. None
  124. None
  125. None
  126. None
  127. None
  128. None
  129. None
  130. None
  131. None
  132. None
  133. None
  134. None
  135. None
  136. None
  137. None
  138. None
  139. None
  140. None
  141. None
  142. None
  143. None
  144. None
  145. None
  146. None
  147. None
  148. None
  149. None
  150. None
  151. None
  152. None
  153. None
  154. None
  155. None
  156. None
  157. None
  158. None
  159. None
  160. None
  161. None
  162. None
  163. None
  164. None
  165. None
  166. None
  167. None
  168. None
  169. None
  170. None
  171. None
  172. None
  173. None
  174. None
  175. None
  176. None
  177. None
  178. None
  179. None
  180. None
  181. None
  182. None
  183. None
  184. None
  185. None
  186. None
  187. None
  188. None
  189. None
  190. None
  191. None
  192. None
  193. None
  194. None
  195. None
  196. None
  197. None
  198. None
  199. None
  200. None
  201. None
  202. None
  203. None
  204. None
  205. None
  206. None
  207. None
  208. None
  209. None
  210. None
  211. None
  212. None
  213. None
  214. None
  215. None
  216. None
  217. None
  218. None
  219. None
  220. None
  221. None
  222. None
  223. None
  224. None
  225. None
  226. None
  227. None
  228. None
  229. None
  230. None
  231. None
  232. None
  233. None
  234. None
  235. None
  236. None
  237. None
  238. None
  239. None
  240. None
  241. None
  242. None
  243. None
  244. None
  245. None
  246. None
  247. None
  248. None
  249. None
  250. None
  251. None
  252. None
  253. None
  254. None
  255. None
  256. None
  257. None
  258. None
  259. None
  260. None
  261. None
  262. None
  263. None
  264. None
  265. None
  266. None
  267. None
  268. None
  269. None
  270. None
  271. None
  272. None
  273. None
  274. None
  275. None
  276. None
  277. None
  278. None
  279. None
  280. None
  281. None
  282. None
  283. None
  284. None
  285. None
  286. None
  287. None
  288. None
  289. None
  290. None
  291. None
  292. None
  293. None
  294. None
  295. None
  296. None
  297. None
  298. None
  299. None
  300. None
  301. None
  302. None
  303. None
  304. None
  305. None
  306. None
  307. None
  308. None
  309. None
  310. None
  311. None
  312. None
  313. None
  314. None
  315. None
  316. None
  317. None
  318. None
  319. None
  320. None
  321. None
  322. None
  323. None
  324. None
  325. None
  326. None
  327. None
  328. None
  329. None
  330. None
  331. None
  332. None
  333. None
  334. None
  335. None
  336. None
  337. None
  338. None
  339. None
  340. None
  341. None
  342. None
  343. None
  344. None
  345. None
  346. None
  347. None
  348. None
  349. None
  350. None
  351. None
  352. None
  353. None
  354. None
  355. None
  356. None
  357. None
  358. None
  359. None
  360. None
  361. None